North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: M$SQL cleanup incentives
- From: Doug Clements
- Date: Sat Feb 22 04:54:40 2003
----- Original Message -----
From: "William Allen Simpson" <firstname.lastname@example.org>
Sent: Friday, February 21, 2003 2:25 PM
Subject: Re: M$SQL cleanup incentives
> I'm of the technical opinion that everyone will need to filter outgoing
> 1434 udp forever.
> Iljitsch van Beijnum wrote:
> > Maybe the best approach is to try and deliberately infect the entire
> > local net every few minutes or so to detect new vulnerable systems while
> > the people installing them are still on the premises.
> Gosh, should we do that for every known virus/worm/vulnerability?
Which is it? Where do you draw the line between something that's big enough
to block forever and something that's not worth tracking down? You lambast
him for attempting a solution that is foolish to apply for every known
possible problem where if your solution was applied as such, we'd have a
swiss-cheese internet in which any commonly used destination port is blocked
due to the scads of IIS/bind/fingerd/ftpd/whatever worms.
Have fun filtering.
> Or maybe you don't actually own and/or have legal and financial
> accountability for your own network?
Or maybe he likes having a network his customers can actually use.